What is CVE-2026-44942?

CVE-2026-44942 is a medium-severity vulnerability in Suse Libzypp, classified under CWE-24. CVSS score: 6.5/10. Published 2026-06-18.

How severe is CVE-2026-44942?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Suse Libzypp

CVE-2026-44942

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with conten…

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Suse Libzypp — versions 17.0.0, 0

Weakness classification (CWE)

CWE-24

References

meissner@suse.de (issue-tracking)
meissner@suse.de (vendor-advisory)

Frequently asked questions

What is CVE-2026-44942?: CVE-2026-44942 is a medium-severity vulnerability in Suse Libzypp, classified under CWE-24. CVSS score: 6.5/10. Published 2026-06-18.
How severe is CVE-2026-44942?: Medium severity. CVSS v3 base score is 6.5 out of 10.